a. glibc update for multiple products.The glibc library has been updated in multiple products to resolve
a stack buffer overflow present in the glibc getaddrinfo function.The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2015-7547.

VMware products have been grouped into the following four
categories:

I) ESXi and ESX Hypervisor
Versions of ESXi and ESX prior to 5.5 are not affected because
they do not ship with a vulnerable version of glibc.
ESXi 5.5 and ESXi 6.0 ship with a vulnerable version of glibc and
are affected.
See table 1 for remediation for ESXi 5.5 and ESXi 6.0.

II) Windows-based products
Windows-based products, including all versions of vCenter Server
running on Windows, are not affected.

III) VMware virtual appliances
VMware virtual appliances ship with a vulnerable version of glibc
and are affected.
See table 2 for remediation for appliances.

IV) Products that run on Linux
VMware products that run on Linux (excluding virtual appliances)
might use a vulnerable version of glibc as part of the base operating
system. If the operating system has a vulnerable version of glibc,
VMware recommends that customers contact their operating system
vendor for resolution.

VMware recommends customers evaluate and deploy patches for
affected products in Table 1 and 2 below as these patches become
available. In case patches are not available, customers are
advised to deploy the workaround.

Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.